Add hosts/ports and ECR registry to image build

giaongo · giaongo · commit c891d07e655d · 2026-02-19T10:43:35.000+02:00
diff --git a/.diploi/helm/app-ingress.yaml b/.diploi/helm/app-ingress.yaml
@@ -5,18 +5,24 @@ metadata:
   annotations:
     kubernetes.io/ingress.class: traefik
 spec:
+  {{- if .Values.endpoints }}
   tls:
     - hosts:
-        - {{ .Values.hosts.app }}
+      {{- range .Values.endpoints }}
+      - {{ .url }}
+      {{- end }}
       secretName: tls-secret
   rules:
-    - host: {{ .Values.hosts.app }}
+    {{- range .Values.endpoints }}
+    - host: {{ .url }}
       http:
         paths:
           - path: '/'
             pathType: Prefix
             backend:
               service:
-                name: app
+                name: {{ .serviceName }}
                 port:
-                  number: 8000
+                  number: {{ .port }}
+    {{- end }}
+  {{- end }}
diff --git a/.diploi/helm/app-service.yaml b/.diploi/helm/app-service.yaml
@@ -3,8 +3,14 @@ kind: Service
 metadata:
   name: app
 spec:
+  {{- if .Values.ports }}
   ports:
-    - port: 8000
-      name: app
+    {{- range .Values.ports }}
+    {{- if eq .serviceName "app" }}
+    - port: {{ .port }}
+      name: {{ .identifier }}
+    {{- end }}
+    {{- end }}
+  {{- end }}
   selector:
-    app: app
+    app: app
diff --git a/.github/workflows/Prebuild.yaml b/.github/workflows/Prebuild.yaml
@@ -1,42 +1,48 @@
-name: Pre-Build
+name: Pre-Build Components
 
 on:
   push:
 
 env:
-  REGISTRY: ghcr.io
+  REGISTRY: public.ecr.aws
+  PROJECT: p8t2q7f4/${{ github.repository }}
+
+permissions:
+      id-token: write 
+      contents: read
 
 jobs:
   production:
-    name: "Production"
+    name: 'Production'
     runs-on: ubuntu-24.04-arm
-    permissions:
-      packages: write
+
     steps:
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Configure AWS credentials (OIDC)
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: arn:aws:iam::300197899440:role/ECRPrebuildPushRightsForGithubActionsRole
+          aws-region: us-east-1
 
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+      - name: Login to Amazon ECR Public
+        id: login-ecr-public
+        uses: aws-actions/amazon-ecr-login@v2
+        with:
+          registry-type: public
 
       - name: Docker meta
         id: meta
         uses: docker/metadata-action@v4
         with:
-          images: ${{ env.REGISTRY }}/${{ github.repository }}
+          images: ${{ env.REGISTRY }}/${{ env.PROJECT }}
           tags: |
             type=ref,event=branch
             type=ref,event=tag
             # Set latest tag for default branch
             type=raw,value=latest,enable={{is_default_branch}}
 
-      - name: "Login to GitHub Container Registry"
-        uses: docker/login-action@v3
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
       - name: Build and push
         uses: docker/build-push-action@v6
         with:
@@ -46,42 +52,42 @@ jobs:
           labels: ${{ steps.meta.outputs.labels }}
 
   development:
-    name: "Development"
-    runs-on: ubuntu-latest
-    permissions:
-      packages: write
-    steps:
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
+    name: 'Development'
+    runs-on: ubuntu-24.04-arm
+    steps:      
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Configure AWS credentials (OIDC)
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: arn:aws:iam::300197899440:role/ECRPrebuildPushRightsForGithubActionsRole
+          aws-region: us-east-1
 
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+      - name: Login to Amazon ECR Public
+        id: login-ecr-public
+        uses: aws-actions/amazon-ecr-login@v2
+        with:
+          registry-type: public
 
       - name: Docker meta
         id: meta
         uses: docker/metadata-action@v4
         with:
-          images: ${{ env.REGISTRY }}/${{ github.repository }}
+          images: ${{ env.REGISTRY }}/${{ env.PROJECT }}
           tags: |
             type=ref,event=branch
             type=ref,event=tag
             # Set latest tag for default branch
             type=raw,value=latest,enable={{is_default_branch}}
           flavor: |
             suffix=-dev.,onlatest=true
-
-      - name: "Login to GitHub Container Registry"
-        uses: docker/login-action@v3
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
+            
       - name: Build and push
         uses: docker/build-push-action@v6
         with:
           file: Dockerfile.dev
           push: ${{ github.event_name != 'pull_request' }}
           platforms: linux/arm64
           tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}
+          labels: ${{ steps.meta.outputs.labels }}
diff --git a/diploi.yaml b/diploi.yaml
@@ -3,11 +3,13 @@ type: component
 name: Python
 description: Official Python component for Diploi
 
+supportsAdditionalHosts: { serviceName: 'app'}
+
 hosts:
   - name: Python
     identifier: app
-    urlFormat: '[label].[default-domain]'
+    port: 8000
 
 images:
   - identifier: app
-    prebuildImage: ghcr.io/diploi/component-python:[tag]
+    prebuildImage: public.ecr.aws/p8t2q7f4/diploi/component-python:[tag]
